    Local Encryption Scenarios

    • DustinB3403D
      DustinB3403 @1337
      last edited by

      @Pete-S said in Local Encryption Scenarios:

      @DustinB3403 said in Local Encryption Scenarios:

      @Pete-S said in Local Encryption Scenarios:

      Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

      The data files could be secured the same way as any paper records. Locked in a safe when not in use.

      That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

      Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

      In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

      You have those examples a bit mixed up.

      The comparable scenario would be "getting to the data". The physical medium housing that data doesn't matter.

      You break the lock, you get the data. If you break the encryption key you get the data.

      But a physical lock is likely easier to break and get into whatever than it would to decrypt an encrypted volume.

      • 1
        1337 @DustinB3403
        last edited by

        @DustinB3403 said in Local Encryption Scenarios:

        @Pete-S said in Local Encryption Scenarios:

        @DustinB3403 said in Local Encryption Scenarios:

        @Pete-S said in Local Encryption Scenarios:

        Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

        The data files could be secured the same way as any paper records. Locked in a safe when not in use.

        That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

        Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

        In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

        You have those examples a bit mixed up.

        The comparable scenario would be "getting to the data". The physical medium housing that data doesn't matter.

        You break the lock, you get the data. If you break the encryption key you get the data.

        But a physical lock is likely easier to break and get into whatever than it would to decrypt an encrypted volume.

        Reminds me of this classic:
        [image]

        • DustinB3403D
          DustinB3403 @1337
          last edited by

          @Pete-S said in Local Encryption Scenarios:

          @DustinB3403 said in Local Encryption Scenarios:

          @Pete-S said in Local Encryption Scenarios:

          @DustinB3403 said in Local Encryption Scenarios:

          @Pete-S said in Local Encryption Scenarios:

          Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

          The data files could be secured the same way as any paper records. Locked in a safe when not in use.

          That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

          Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

          In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

          You have those examples a bit mixed up.

          The comparable scenario would be "getting to the data". The physical medium housing that data doesn't matter.

          You break the lock, you get the data. If you break the encryption key you get the data.

          But a physical lock is likely easier to break and get into whatever than it would to decrypt an encrypted volume.

          Reminds me of this classic:
          [image]

          Exactly.

          • scottalanmillerS
            scottalanmiller @1337
            last edited by

            @Pete-S said in Local Encryption Scenarios:

            If it's a laptop, how can it be stolen and still not locked? As soon as you close the lid it's locked by a password. I doubt a thief would not close the lid if he grabs it while someone is using it.

            That's not always the case, and thieves know not to close lids.

            • 1
              1337 @scottalanmiller
              last edited by 1337

              @scottalanmiller said in Local Encryption Scenarios:

              @Pete-S said in Local Encryption Scenarios:

              If it's a laptop, how can it be stolen and still not locked? As soon as you close the lid it's locked by a password. I doubt a thief would not close the lid if he grabs it while someone is using it.

              That's not always the case, and thieves know not to close lids.

              What kind of thieves are we talking about here? The kind that are after national security secrets or the kind that needs money to buy drugs? Or are we talking about professionals that make a living stealing things?

              • DustinB3403D
                DustinB3403
                last edited by

                @Pete-S in the discussion of hitting the person with a $5 wrench, that of course means the goal is to steal the data. Not the File Cabinet that houses the data.

                But the same applies for the laptop too. If the goal is to steal the laptop, you don't care about the data and just want to steal a laptop.

                Bolting the cabinet down or using a cable lock on the laptop are just deterrents to prevent theft of the house. The lock is a deterrent to prevent data theft.

                • BRRABillB
                  BRRABill @scottalanmiller
                  last edited by

                  @scottalanmiller said in Local Encryption Scenarios:

                  And if ANY behaviour changes based on using the local encryption, then in that scenario, the local encryption was a bad thing, not a good thing. Not just a waste, but actually a negative to the security.

                  Right, but if the user stays the same (with the exception of entering in a password) [NOTE: if they don't put it on a post-it note LOL] then the local encryption could be seen as a plus.

                  • 1
                    1337 @DustinB3403
                    last edited by 1337

                    @DustinB3403 said in Local Encryption Scenarios:

                    @Pete-S in the discussion of hitting the person with a $5 wrench, that of course means the goal is to steal the data. Not the File Cabinet that houses the data.

                    But the same applies for the laptop too. If the goal is to steal the laptop, you don't care about the data and just want to steal a laptop.

                    Bolting the cabinet down or using a cable lock on the laptop are just deterrents to prevent theft of the house. The lock is a deterrent to prevent data theft.

                    I think in 99.99% of the cases the CPA would face, the goal is to steal the laptop and not the data. It is unlikely the hard drive would face any other fate than being wiped. But the guys doing the wiping would probably check if the drive had something of value first that they could sell.

                    If someone was after the data it would probably be criminals and they would go the $5 wrench route. Or bribe someone for $1500 or whatever would be required.

                    • DustinB3403D
                      DustinB3403 @1337
                      last edited by

                      @Pete-S exactly.

                      So you would go with simple traditional and easily employed security. Cable locks for the hardware, encryption for the data at rest.

                      • 1
                        1337 @DustinB3403
                        last edited by 1337

                        @DustinB3403 said in Local Encryption Scenarios:

                        @Pete-S exactly.

                        So you would go with simple traditional and easily employed security. Cable locks for the hardware, encryption for the data at rest.

                        I think I would just put the entire laptop in the safe and not bother with the encryption.
                        Cable locks don't withstand a simple bolt cutter.

                        • DustinB3403D
                          DustinB3403
                          last edited by

                          If you wanted to take it one step further, you could virtualize the workload that this 1-person CPA does, have them RDP to a VM, decrypt the system with BitLocker or VeraCrypt or something else. Do and save all work on the VM and have nothing of extreme value sitting out on a desk.

                          But that is overkill for the scenario.

                          • DustinB3403D
                            DustinB3403 @1337
                            last edited by

                            @Pete-S said in Local Encryption Scenarios:

                            @DustinB3403 said in Local Encryption Scenarios:

                            @Pete-S exactly.

                            So you would go with simple traditional and easily employed security. Cable locks for the hardware, encryption for the data at rest.

                            I think I would just put the entire laptop in the safe and not bother with the encryption.

                            You could do that too, but if the goal is to steal the laptop, taking a safe isn't entirely impossible either. So you'd have the safe and a laptop to sell. 🙂

                            • DustinB3403D
                              DustinB3403
                              last edited by DustinB3403

                              All of this depends on how invested someone is in stealing <insert thing>.

                              If they are incredibly motivated and have unlimited time and resources nothing would stop them.

                              You as an IT person can create deterrents and that is all.

                              • JaredBuschJ
                                JaredBusch @1337
                                last edited by

                                @Pete-S said in Local Encryption Scenarios:

                                @scottalanmiller said in Local Encryption Scenarios:

                                @Pete-S said in Local Encryption Scenarios:

                                If it's a laptop, how can it be stolen and still not locked? As soon as you close the lid it's locked by a password. I doubt a thief would not close the lid if he grabs it while someone is using it.

                                That's not always the case, and thieves know not to close lids.

                                What kind of thieves are we talking about here? The kind that are after national security secrets or the kind that needs money to buy drugs? Or are we talking about professionals that make a living stealing things?

                                The ones after drugs don't care about the encryption. They will pawn it to a low rep pawn shop that will just reinstall Windows. They don't care about your disk at all.

                                The thieves that want your laptop for identity theft absolutely know not to shut the lid.

                                • DonahueD
                                  Donahue @1337
                                  last edited by

                                  @Pete-S said in Local Encryption Scenarios:

                                  @DustinB3403 said in Local Encryption Scenarios:

                                  @Pete-S said in Local Encryption Scenarios:

                                  @DustinB3403 said in Local Encryption Scenarios:

                                  @Pete-S said in Local Encryption Scenarios:

                                  Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

                                  The data files could be secured the same way as any paper records. Locked in a safe when not in use.

                                  That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

                                  Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

                                  In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up.

                                  You have those examples a bit mixed up.

                                  The comparable scenario would be "getting to the data". The physical medium housing that data doesn't matter.

                                  You break the lock, you get the data. If you break the encryption key you get the data.

                                  But a physical lock is likely easier to break and get into whatever than it would to decrypt an encrypted volume.

                                  Reminds me of this classic:
                                  [image]

                                  There is ALWAYS a relevant xkcd.
